Performing Azure AD join to register the newly purchased computer - Out Of Box Experience?

EnterpriseArchitect 6,041 Reputation points
2023-05-09T14:34:25.2533333+00:00

People,

I have remote users across the globe working in multiple remote offices. Their new computer/laptop is brand new and runs Windows 11 Professional from the local IT shop.

Utilizing the existing Azure AD Premium P2 license, I wanted those new computers to be Azure AD joined or at least registered, so I can use Intune for software deployment and configure the Group Policy via Intune.

  1. How can I achieve the above?
  2. During the Windows 11 Out-Of-Box Experience (OOBE), can the user join the devices into our Azure AD tenant using the email address or the UPN during the new device setup?
  3. What license is required to allow Intune to manage this device, considering the users are on F3 licenses and some are on E3 only?

Any help would be greatly appreciated.

Microsoft Security | Intune | Application management
Microsoft Security | Intune | Enrollment
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Windows for business | Windows Client for IT Pros | User experience | Other
Microsoft Security | Intune | Other

2 answers

  1. Sandeep G-MSFT 20,906 Reputation points Microsoft Employee Moderator
    2023-05-11T06:55:47.6533333+00:00

    @EnterpriseArchitect

    Windows 11 users can join new Windows devices to Azure AD during the first-run out-of-box experience (OOBE).

    Note: Windows Home Editions do not support Azure AD join. These editions can still access many of the benefits by using Azure AD registration.

    For information about how to complete Azure AD registration on a Windows device, see the support article "Register your personal device on your work or school network".

    You can follow the steps in the article below to join Windows 11 devices to Azure AD.

    https://learn.microsoft.com/en-us/azure/active-directory/devices/azuread-joined-devices-frx#join-a-new-windows-11-device-to-azure-ad

    And to your follow-up question: you can also perform Azure AD join for a few users while other users are hybrid Azure AD joined. This is possible because hybrid Azure AD join is performed for devices which are joined to an on-premises domain.

    And Azure AD join is performed for devices which are in workgroup.

    Apart from this, you can follow the article below to learn more about Intune licensing.

    https://learn.microsoft.com/en-us/mem/intune/fundamentals/licenses

    Let me know if you have any further questions on this.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

  2. Limitless Technology 44,766 Reputation points
    2023-05-10T10:40:25.97+00:00

    Hello there,

    Windows 11 users can join new Windows devices to Azure AD during the first-run out-of-box experience (OOBE). This functionality enables you to distribute shrink-wrapped devices to your employees or students.

    This functionality pairs well with mobile device management platforms like Microsoft Intune and tools like Windows Autopilot to ensure devices are configured according to your standards.

    https://learn.microsoft.com/en-us/azure/active-directory/devices/azuread-joined-devices-frx

    Hope this resolves your query!

    --If the reply is helpful, please Upvote and Accept it as an answer--
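
Added example (not part of either answer or of the linked Microsoft articles): a PowerShell function that classifies a device's join state from the text of `dsregcmd /status`, following the distinction in the first answer between Azure AD join (workgroup devices) and hybrid Azure AD join (on-premises domain-joined devices). The function name `Get-JoinState` and the sample output lines are constructed for illustration.

```powershell
# Added example: classify join state from `dsregcmd /status` output.
# Get-JoinState is a hypothetical helper name, not a built-in cmdlet.
function Get-JoinState {
    param([string[]]$StatusLines)

    # dsregcmd prints right-aligned "Key : Value" lines; collect the
    # single-word keys (AzureAdJoined, DomainJoined, WorkplaceJoined, ...).
    $state = @{}
    foreach ($line in $StatusLines) {
        if ($line -match '^\s*(\w+)\s*:\s*(.+?)\s*$') {
            $state[$Matches[1]] = $Matches[2]
        }
    }

    $aadJoined  = $state['AzureAdJoined']   -eq 'YES'
    $domJoined  = $state['DomainJoined']    -eq 'YES'
    $registered = $state['WorkplaceJoined'] -eq 'YES'

    if ($aadJoined -and $domJoined) {
        'Hybrid Azure AD joined'          # on-premises domain + Azure AD
    } elseif ($aadJoined) {
        'Azure AD joined'                 # workgroup device joined in OOBE or Settings
    } elseif ($registered) {
        'Azure AD registered'             # work account added to a personal device
    } elseif ($domJoined) {
        'On-premises domain joined only'
    } else {
        'Not joined or registered'
    }
}

# Constructed sample resembling the output on a device joined during OOBE.
$sample = @(
    '             AzureAdJoined : YES'
    '          EnterpriseJoined : NO'
    '              DomainJoined : NO'
    '           WorkplaceJoined : NO'
)
Get-JoinState -StatusLines $sample

# On a real device, pass the live output instead:
# Get-JoinState -StatusLines (dsregcmd /status)
```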

